We’ve been using DynDNS Managed DNS for a long time. We use Managed DNS to offer dynamically updating DNS records for clients with either on-site services, or where we believe that dynamic updating of records is needed. Oracle has bought DynDNS somewhere in 2019 and decided to slowly start killing off the DynDNS Managed DNS…
Blog
Automating with PowerShell: Storing Office 365 audit logs longer than 90 days
A friend of mine recently bumped into an issue; his client wanted to know when a specific user logged on for the last time. The problem was that he did not have the unified audit log enabled, but even if he did the time-span was too long. We got lucky at using just the mailbox…
Automating with PowerShell: Using the Secure Application model updates.
I have a feeling I might be giving people a blogging overdose, but I’ve been playing with so much cool stuff the last couple of days. So lets get the ball rolling; I’ve finally found a method to connect to the SCC succesfully using the Secure Application model. I’ve also found that non-partners can use…
Automating with PowerShell: Creating dynamic distribution groups in all O365 tenants
Someone on the /r/msp reddit, and a Slack that I frequent asked if it is possible to create an “all users” distribution group with PowerShell, and keep it up to date. I figured to spend some time on it. To achieve a list that is always up to date, we can use Dynamic Distribution groups….
Documenting with PowerShell: creating a device audit log
My engineers sometimes have questions about past events on a specific machine, to which I often point them towards our RMM system. The RMM system contains a bulk of data that can be used to make analysis. The problem is just that – It’s unedited bulk data, often with different locations for different pieces of…
Documenting with PowerShell: Syncing Unifi devices to IT-Glue
This blog should be used in together with my previous blog about Unifi documentation. This script syncs all devices to IT-Glue and makes sure the configurations are in sync with eachother. It will overwrite any changes you’ve made to the configurations, so treat with care. And that’s it! this blog will be followed up by…
Documenting and monitoring blogs updates
No new blog today, its officially a bank holiday and I’m enjoying the sun 🙂 I did make sure not to leave my readers empty handed. A bunch of my blogs got a little bit outdated, so I decided to update them. The following blogs have been updated: O365 blogs I’ve updated the Secure Application…
Documenting with PowerShell: Documenting Unifi infrastructure
This blog is based on an earlier blog by Eliot Munro; Syncing Unifi Sites with IT-Glue by Eliot Munro. I loved the script, but wanted a little bit of extra information, I also didn’t really like the syncing with a Sharepoint list, so I modified the script to use the site name instead. So, to…
Monitoring with PowerShell: Preventing PowerShell based attacks (LoLBas)
In the last Huntress Tradecraft Tuesdays there was some discussion about using “Living of the land” techniques. Living of the land means using the tools available on the operation system to achieve access. There’s a lot of ways that bad actors are now using these system tools to deploy ransomware for example. PowerShell is one…
Monitoring with PowerShell: Monitoring the used MFA type for O365/Azure.
We all know it’s key to have your security hygiene in order, a large part of that is your multi factor authentication deployment. Having all users use MFA these days is a no-brainer, but not all types of MFA are made equal. For example; MFA via text-message is generally considered unsafe. But even the entered…
Monitoring using PowerShell: Getting mailbox rules from the audit log
Some time ago I spoke about monitoring mailbox rules with PowerShell and how we’ve always used the “Get-inboxrule” cmdlet as delegate administrator to retrieve the rules and alert on them. Its been brought to my attention that recently API-created rules are no longer showing up using get-inboxrule. so to resolve this, I’ve decided to rewrite…
Automating with PowerShell: Creating named accounts
So this blog is attached to the MSP Security Summit presentation I’ve given. These scripts are some examples on how you could deploy named accounts with your RMM system. How to deploy the scripts as securely as possible really depends on your RMM system – Some systems allow you to pass passwords as secure strings,…
Automating with PowerShell: Automating Warranty information reporting.
One of the reddits I frequent has been seeing a lot of complaints lately about warranty information being incomplete or there’s complaints about the pricing of warranty information products. Most of these complaints are aimed at a specific product which is showing very shady sales tactics and general bad business practices lately. I figured I…
Monitoring with PowerShell: Monitoring Windows Performance Index
First things are first: I just got awarded the new and prestigious Azure Hero award. Im an Azure Content Hero, of which only 250 are awarded. I am super thankful and very excited for this as its a great recognition for my work on this blog. I really want to thank the people that nominated…
Documenting with PowerShell: Using PowerShell to create faster partner portal
I love having the ability to manage all clients from a single portal. My only issue is that the partner portal is quite error prone and sluggish, and it seems to get worse with each added client. There are some more problems like only being able to find clients based on their name. So I’ve…